Exchange Token
Method is used to obtain user's permanent access token by exchanging it with the access code received during the user authentication.
Request
https://api.dapi.com/v2/auth/ExchangeToken
Request Example
{
"appSecret": "00bae841ad979345fca2e2585c000da7eac420504d189cf63315e7a6234d45c68dbd6fff749167292cd1475622805dce7a2b979db3c16e25a2897158ee63845b1043930ff603e19deb1d2d54ad9afc3d52df241d3c4e7286244a2f98a10212e38b2e9f8b0e3a7592702fa4358fb9103b93a26dd6bb92c2be0327ac054f14becc",
"accessCode": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzYWx0IjoiRmlHUUhDM2NwZ01NZmhaejNHMk8zNitHakdBUEs0ZFptSEgwRy9jN1cxWT0iLCJhcHBLZXkiOiI0OTc3OTFjZmQ1MTBmMjI1MDc1Yzk3YWNkYzFkYmY0YTI1ZDczNTgxNGZlMmE3OGQxZjRiMGI4OTcxOGU3ZWQ2IiwidG9rZW5JRCI6IjYxMWM3YWE4LTcwYWYtNGQ3Zi1hODk1LTI4OWU4OTIzOTMxMyIsImlhdCI6MTYxNjQyOTI0MCwiZXhwIjoxNjE2NDI5NTQwfQ.FVo8b-krSDNHjIormm_BZAUxUfr_4ZEAzp_xh9WuR0M",
"connectionID": "2c72a336a7c09fd905f9adf3dc5ff976d58eeb20"
}
Body Parameters
Parameter | Type | Description |
---|---|---|
appSecret REQUIRED |
| Private token generated at application creation. |
accessCode |
| Unique code for a user’s successful login to Connect. Returned in the response of UserLogin. |
connectionID |
| The |
Response
Response Example
{
"success": true,
"accessToken": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzYWx0IjoiRmlHUUhDM2NwZ01NZmhaejNHMk8zNitHakdBUEs0ZFptSEgwRy9jN1cxWT0iLCJhcHBLZXkiOiI0OTc3OTFjZmQ1MTBmMjI1MDc1Yzk3YWNkYzFkYmY0YTI1ZDczNTgxNGZlMmE3OGQxZjRiMGI4OTcxOGU3ZWQ2IiwidG9rZW5JRCI6IjYxMWM3YWE4LTcwYWYtNGQ3Zi1hODk1LTI4OWU4OTIzOTMxMyIsImF1dGhvcml6YXRpb25zIjp7ImF1dGhlbnRpY2F0aW9uIjp7ImNyZWF0ZSI6dHJ1ZX0sImlkZW50aXR5Ijp7ImdldCI6ZmFsc2V9LCJhY2NvdW50cyI6eyJnZXQiOmZhbHNlfSwiYmFsYW5jZSI6eyJnZXQiOmZhbHNlfSwidHJhbnNhY3Rpb25zIjp7ImdldCI6ZmFsc2V9LCJiZW5lZmljaWFyaWVzIjp7ImdldCI6ZmFsc2UsImNyZWF0ZSI6ZmFsc2V9LCJ0cmFuc2ZlciI6eyJjcmVhdGUiOmZhbHNlfSwiY2FyZHMiOnsiZ2V0IjpmYWxzZX0sInN0YXRlbWVudHMiOnsiZ2V0IjpmYWxzZX0sInByb2R1Y3RzIjpbImRhdGEiLCJwYXltZW50Il19LCJpYXQiOjE2MTY0MjkzMTZ9.MIicjZXD8ojOqInzKqeyzmfCkQaxl7K6NU7Q5UPt47Y",
"status":"done"
}
Response Parameters
success |
| Returns |
accessToken |
| A unique permanent token linked to one user. Is only returned if the request was successful |
status |
| Status of the operation
|
type |
| Type of error encountered Is only returned if the request was not successful |
msg |
| Detailed description of the error Is only returned if the request was not |
Examples
Successful
{
"appSecret": "00bae841ad979345fca2e2585c000da7eac420504d189cf63315e7a6234d45c68dbd6fff749167292cd1475622805dce7a2b979db3c16e25a2897158ee63845b1043930ff603e19deb1d2d54ad9afc3d52df241d3c4e7286244a2f98a10212e38b2e9f8b0e3a7592702fa4358fb9103b93a26dd6bb92c2be0327ac054f14becc",
"accessCode": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzYWx0IjoiRmlHUUhDM2NwZ01NZmhaejNHMk8zNitHakdBUEs0ZFptSEgwRy9jN1cxWT0iLCJhcHBLZXkiOiI0OTc3OTFjZmQ1MTBmMjI1MDc1Yzk3YWNkYzFkYmY0YTI1ZDczNTgxNGZlMmE3OGQxZjRiMGI4OTcxOGU3ZWQ2IiwidG9rZW5JRCI6IjYxMWM3YWE4LTcwYWYtNGQ3Zi1hODk1LTI4OWU4OTIzOTMxMyIsImlhdCI6MTYxNjQyOTI0MCwiZXhwIjoxNjE2NDI5NTQwfQ.FVo8b-krSDNHjIormm_BZAUxUfr_4ZEAzp_xh9WuR0M",
"connectionID": "2c72a336a7c09fd905f9adf3dc5ff976d58eeb20"
}
{
"success": true,
"accessToken": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzYWx0IjoiRmlHUUhDM2NwZ01NZmhaejNHMk8zNitHakdBUEs0ZFptSEgwRy9jN1cxWT0iLCJhcHBLZXkiOiI0OTc3OTFjZmQ1MTBmMjI1MDc1Yzk3YWNkYzFkYmY0YTI1ZDczNTgxNGZlMmE3OGQxZjRiMGI4OTcxOGU3ZWQ2IiwidG9rZW5JRCI6IjYxMWM3YWE4LTcwYWYtNGQ3Zi1hODk1LTI4OWU4OTIzOTMxMyIsImF1dGhvcml6YXRpb25zIjp7ImF1dGhlbnRpY2F0aW9uIjp7ImNyZWF0ZSI6dHJ1ZX0sImlkZW50aXR5Ijp7ImdldCI6ZmFsc2V9LCJhY2NvdW50cyI6eyJnZXQiOmZhbHNlfSwiYmFsYW5jZSI6eyJnZXQiOmZhbHNlfSwidHJhbnNhY3Rpb25zIjp7ImdldCI6ZmFsc2V9LCJiZW5lZmljaWFyaWVzIjp7ImdldCI6ZmFsc2UsImNyZWF0ZSI6ZmFsc2V9LCJ0cmFuc2ZlciI6eyJjcmVhdGUiOmZhbHNlfSwiY2FyZHMiOnsiZ2V0IjpmYWxzZX0sInN0YXRlbWVudHMiOnsiZ2V0IjpmYWxzZX0sInByb2R1Y3RzIjpbImRhdGEiLCJwYXltZW50Il19LCJpYXQiOjE2MTY0MjkzMTZ9.MIicjZXD8ojOqInzKqeyzmfCkQaxl7K6NU7Q5UPt47Y",
"status":"done"
}
Failed - Missing Mandatory Parameters
{
"appSecret": "00bae841ad979345fca2e2585c000da7eac420504d189cf63315e7a6234d45c68dbd6fff749167292cd1475622805dce7a2b979db3c16e25a2897158ee63845b1043930ff603e19deb1d2d54ad9afc3d52df241d3c4e7286244a2f98a10212e38b2e9f8b0e3a7592702fa4358fb9103b93a26dd6bb92c2be0327ac054f14becc",
"accessCode": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzYWx0IjoiRmlHUUhDM2NwZ01NZmhaejNHMk8zNitHakdBUEs0ZFptSEgwRy9jN1cxWT0iLCJhcHBLZXkiOiI0OTc3OTFjZmQ1MTBmMjI1MDc1Yzk3YWNkYzFkYmY0YTI1ZDczNTgxNGZlMmE3OGQxZjRiMGI4OTcxOGU3ZWQ2IiwidG9rZW5JRCI6IjYxMWM3YWE4LTcwYWYtNGQ3Zi1hODk1LTI4OWU4OTIzOTMxMyIsImlhdCI6MTYxNjQyOTI0MCwiZXhwIjoxNjE2NDI5NTQwfQ.FVo8b-krSDNHjIormm_BZAUxUfr_4ZEAzp_xh9WuR0M"
}
{
"success": false,
"status": "failed",
"msg": "Validation error on field 'connectionID'. Error: value must not be an empty string",
"type": "INVALID_ARGS"
}
Failed - Invalid AccessCode
{
"appSecret": "00bae841ad979345fca2e2585c000da7eac420504d189cf63315e7a6234d45c68dbd6fff749167292cd1475622805dce7a2b979db3c16e25a2897158ee63845b1043930ff603e19deb1d2d54ad9afc3d52df241d3c4e7286244a2f98a10212e38b2e9f8b0e3a7592702fa4358fb9103b93a26dd6bb92c2be0327ac054f14becc",
"accessCode": "Invalid_access_code",
"connectionID": "2c72a336a7c09fd905f9adf3dc5ff976d58eeb20"
}
{
"msg": "Invalid token",
"type": "INVALID_TOKEN",
"success": false,
"status": "failed"
}
FAQ
What is the difference betweenaccessCode
and accessToken
?
accessCode
is a temporary token generated upon successful authentication via the Connect Layer.
accessToken
is a permanent token that is generated upon sending theaccessCode
along other secrets to Dapi using theexchangeToken
request.
How permanent is theaccessToken
?
One
accessToken
corresponds to one pair of login credentials into one bank account. The only way theaccessToken
loses its validity is if the user changes their login credentials or if the De-Link User API is called.
Why do I need anaccessToken
?
accessToken
is required to make any following API calls to Dapi to retrieve data or initiate payments.
Updated 27 days ago
Now that you obtained the token, you can read more about how to initiate a transaction, retrieve users financial information or make the token invalid